Last May, around the time many schools let out for the summer, the Office for Civil Rights (“OCR”) published guidance entitled “Direct Liability of Business Associates” (the “Guidance”),
Continue Reading Back to School and Back to BAAs: OCR Guidance Provides Reason to Review BAA Provisions
Business Associate Agreement
Too Much (Protected Health) Information Exposed + Too Little Response = $3M and Corrective Action Plan for Medical Imaging Company
“TMI” usually means “too much information”, but it was used aptly by the Office for Civil Rights (OCR) as an acronym for a covered entity that exposed protected health information…
Continue Reading Too Much (Protected Health) Information Exposed + Too Little Response = $3M and Corrective Action Plan for Medical Imaging Company
To BAA or Not to BAA? The Question a Florida Provider Should Have Asked in 2011 Results in a Half Million Dollar Payment in 2018
Yesterday’s listserv announcement from the Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS) brought to mind this question. The post announces the agreement…
Continue Reading To BAA or Not to BAA? The Question a Florida Provider Should Have Asked in 2011 Results in a Half Million Dollar Payment in 2018
Bankrupt Medical Records Company Hit with $100,000 Penalty for HIPAA Violations
Filefax, Inc., a defunct Illinois medical records storage and management company, has been fined $100,000 for improperly handling medical data under an agreement with the court-appointed receiver managing the company’s…
Continue Reading Bankrupt Medical Records Company Hit with $100,000 Penalty for HIPAA Violations
Beware: HIPAA Applies to the Health Plans You Never Knew You Had (Part 1: Employee Assistance Programs)
You may be surprised to learn that those “extra” benefits your company offers to its employees such as your employee assistance program (“EAP”) and wellness program likely are subject to…
Continue Reading Beware: HIPAA Applies to the Health Plans You Never Knew You Had (Part 1: Employee Assistance Programs)
5 Practical Steps for Business Associate Compliance
Congratulations! You have a HIPAA-compliant business associate (or subcontractor) agreement in place – now what? How can you implement the agreement without becoming a HIPAA guru?
There are many resources…
Continue Reading 5 Practical Steps for Business Associate Compliance
HIPAA Compliance Trends for 2015
As she had done in 2014, Marla Durben Hirsch interviewed my partner Elizabeth Litten and me for her annual Medical Practice Compliance Alert article on compliance trends for the …
Michael Kline’s “List of Considerations” for Indemnification Provisions in Business Associate Agreements
I strongly urge every covered entity and business associate faced with a Business Associate Agreement that includes indemnification provisions to read Michael Kline’s “List of Considerations” before signing. Michael’s list,…
Continue Reading Michael Kline’s “List of Considerations” for Indemnification Provisions in Business Associate Agreements
Connecticut Supreme Court Recognizes Individual’s Right for State Tort Action Using HIPAA as Standard of Care
The Connecticut Supreme Court handed down a decision in the case of Byrne v. Avery Center for Obstetrics and Gynecology, P.C., — A.3d —-, 2014 WL 5507439 (2014) that
[a]ssuming,
Countdown to September 22nd — Shortcuts for Business Associate Agreement Compliance
The deadline for executing a HIPAA Omnibus Rule-compliant Business Associate Agreement (BAA) looms just 2 short weeks from today. What can a busy covered entity (CE) or business associate (BA)…
Continue Reading Countdown to September 22nd — Shortcuts for Business Associate Agreement Compliance